1. Field of the Invention
The present invention relates generally to computer security, and more particularly but not exclusively to methods and apparatus for secure file transfers between user computers.
2. Description of the Background Art
Person-to-person file transfer involves transfer of a computer file from one user computer to another user computer. Unlike other ways of transferring files, such as between a user computer and a server or vice versa, person-to-person file transfer involves a typical user sending a file to a friend, a customer, a relative or some other person who may or may not be computer savvy. File transfer between user computers thus needs to be as user friendly as possible, especially when transferring files containing confidential information. These days, it is not uncommon for users to send files containing tax returns, loan application, and the like. If the process of securely transferring a confidential file is overly complicated, users may not bother with following the process and simply send the confidential file in the clear as an email attachment.
There are several methods of performing person-to-person secure file transfer. For example, secure file transfer may be performed using a “pretty good privacy” (PGP) like account, with the need to exchange keys with recipients to allow encryption and digital signing of exchanged files. Another example method involves using some form of cloud service that provides a form based process to allow a user to send files to another user via email. The cloud service may use some form of encryption during transit (e.g., secure socket layer (SSL) protocol) and encrypt the files at rest on their cloud servers. These and other methods do not adequately secure the file, especially from being opened by a person other than the intended recipient, are overly complicated for users that are not interested in learning much computer technology, and/or require users to exchange and manage keys.